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ARGUMENT 

GROUND OF REJECTION 1 

Claims 23-25 and 27-32 stand rejected under 35 U.S.C. § 102(e) as allegedly being 
anticipated by United States Patent No. 6,453,353 to Win et al., hereinafter Win. 

Claim 23 

Appellants respectfially contend that Win does not anticipate claim 23, because Win does 
not teach each and every feature of claim 23. 

As a first example of why Win does not anticipate claim 23, Win does not teach the 
feature: "receiving a request from a user device via a network for a virtual ID token relating to 
attribute ioformation pertaining to a subscriber associated with the user device". 

The language of claim 23 explicitly recites that the virtual ID token provided to the user 
device comprises a virtual W for identifying a virtual record that includes M attributes of a 
subscriber associated with a user device (M is less than at least 2). 

The assertion in the Examiner's Answer that the claimed virtual ID token comprises 
attribute information (see Examiner's Answer, page 10, bottom line) is not recited anywhere m 
claim 23 and is thus incorrect. Rather than reciting that the virtual ID token comprises attribute 
information, claim 23 recites that the virtual ID token relates to attribute information pertaining 
to a subscriber by comprising a virtual ID for identifying a virtual record that includes M 
attributes of the subscriber. 
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Thus, the preceding feature of claim 23 requires receiving a request from a user device 
for a Y'utaal ID token that comprises a virtual ID for identifying a virtual record that includes M 
attributes of a subscriber associated with a user device, which Win does not teach. 

The Examiner's Answer, page 3, lines 7-9 alleges that Win, Figs. 5A and 5C, and col. 2, 
liQCS 42-67 teaches the preceding feature of claim 23, which is incorrect. 

In response, Appellants assert that Win, col. 2, lines 42-67 does not teach receiving a 
request for a virtual ED token that comprises a virtual ID for identifying a virtual record that 
includes M attributes of a subscriber associated with a user device. Appellants note that the 
preceding argument in the Examiner's Answer has not provided any analysis to support the 
allegation in the Examiner's Answer that Win, Figs. 5A and 5C , and col. 2, lines 42-67 teaches 
the preceding feature of claim 23. 

The Examiner's Answer, page 310, line 13 - page 311, line 18 additionally argues that 
Win teaches the preceding feature of claim 23, which is incorrect. In particular, the Examiner's 
Answer, page 310, line 1 3 - page 311, line 1 8 discusses at great length what the Examiner' s 
Answer consider a virtual ID token to be, but does not address the issue of "receiving a request 
jfrom a user device ... for a virtual ID token". Appellants cannot find a teaching of receiving a 
request firom a user device for a virtual ID token in the citations recited in the Examiner's 
Answer, page 310, line 13 - page 311, line 18. 

In addition. Appellants cite Win, col. 10, lines 45-47 which recites: "the Authorization 
service requests profile information about the user from the Registry Server 108", which does 
not teach the preceding feature of claim 23 because: (1) the request for profile information is not 
a request for a virtual ED token that comprises a virtual ID for identifying a virtual record that 
includes M attributes of a subscriber associated with a user device; and/or (2) the request is not 
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from a user device but rather is from the Registry Server 1 08. For clarification, Appellants refer 
to Win, FIG. 1 which depicts a user device in association with the browser 100. The Registry 
Server 108 in Win, FIG. 1 is not a user device. 

In summary. Appellants cannot find a disclosure anywhere in Win of "receiving a 
request from a user device ... for a virtual ID token" (wherein the virtual ID token comprises a 
virtual ID for identifying a virtual record that includes M attributes of a subscriber associated 
with a user device). 

As an additional point. Appellants note that the Examiner's Answer, page 10, lines 19-21 
asserts that "the Appellant's Specification does not further define as to what the "virtual ID 
token" is, but rather its composition". 

In response. Appellants assert that the virtual ID token is not required to be defined, 
because the word "token" is very well known and commonly used in patents. In fact. 
Appellants' Representative did a search of "token" at the United States Patent and Trademark 
Office database on July 30, 2009 with a result of 30,245 hits. A word so commonly used in 
patents as "token" is not required to be specifically defined in a patent, and what is most 
important for patentable significance is what the claimed virtual ID token actually comprises, 
namely a virtual ID for identifying a virtual record that includes attributes of a subscriber 
associated with a user device. 

Accordingly, Win does not teach the preceding feature of claim 23. 

As a second example of why Win does not anticipate claim 23, Win does not teach the 
feature: "responsive to the request for the virtual ID token, reading a data record from a 
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database, said data record comprising L attributes of the subscriber, L being at least 2" (emphasis 
added). 

The Examiner's Answer, page 3, lines 10-12 argues that Win teaches the preceding 
feature of claim 23 in Win, Figures 5a, 5b and 5e, column 10, lines 14-26 and 41-55, column 1 1 

and lines 42-64. 

hi response and based on the discussion in the Examiner's Answer, page 1 1 , line 19- 
page 12, line 9, Appellants view the Examiner's Answer as alleging that Win teaches the 
preceding feature of claim 23 in FIG. 5C, step 520 as described in Win, col. 10, lines 41-55. 

Accordingly, Appellants specifically cite Win, col. 10, lines 43-51 which recites: ''After 
a user is authenticated, the Authentication Client module 414 calls the Authorization service of 
Access Server 106. In response, the Authorization service requests profile information about the 
user from the Registry Server 108, as shown by state 520. In state 522, Registry Server 108 
returns the profile information to Access Server 106. The profile information may comprise the 
user's name, locale information, IP address, and information defining roles held by the user." 
(emphasis added) 

Appellants respectfiilly contend that the preceding quote from Win, col. 10, lines 43-51 
discloses that the reading of a data record from a database (said data record comprising attributes 
of the subscriber) is responsive to the user being authenticated., and does not disclose that the 
reading of a data record from a database is "responsive to the request for the virtual ID token" as 
requured by the language of the preceding feature of claim 23. 

Accordingly, Win does not teach the preceding feature of claim 23. 
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As a third example of why Win does not anticipate claim 23, Win does not teach the 
feature: "providing the data record to the user device via the network". 

The Examiner's Answer, page 3, lines 13-19 argues: "Win teaches ... providing the data 
record to the user device via the network (Figures 1, 2 and 6-8, column 5, lines 1-12 and column 
26, lines 14-67, "remote computer can load the instructions into its dynamic memory and send 
the instructions over a telephone line via modem" "Communication interface 918 provides a 
two-way data communication coupling to a network link 920 that is connected to a local network 
922" and "Network link 920 typically provides data communication through one or more 
networks to other data devices")". 

In response, Appellants assert that the preceding quote from Win by the Examiner's 
Answer is taken from a discussion of a generic computer system. This discussion of a generic 
computer system does not teach "providing the data record to the user device via the network" 
wherein the "data record" is the same data record as appears in the feature of "reading a data 
record from a database", namely a data record comprising profile information of the user. 

The Examiner's Answer, page 12, lines 10-21 additionally argues that Win also discloses 
the preceding feature of claim 23 in Win, col. 5, line 66 - col. 6, lines 16 and col. 6, lines 58-65, 
and col. 26, lines 14-67. 

In response, Appellants assert that Win, col. 5, line 66 - col. 6 comprises a general 
discussion about logging in to a system which is unrelated to the preceding feature of claim 23 . 

In ftirther response. Appellants assert that Win, col. 6, lines 58-65 comprises a general 
discussion about cookies which is unrelated to the preceding feature of claim 23. 
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In yet further response, Appellants assert that Win, col. 26, lines 14-67 comprises a 
general discussion about the generic computer system of Win, FIG. 9 which is unrelated to the 
preceding feature of claim 23. 

Accordingly, Win does not teach the preceding feature of claim 23. 

As a fourth example of why Win does not anticipate claim 23, Win does not teach the 
feature: "receiving, j&om the user device via the network, a selection of M attributes of the L 
attributes, M being less than L". 

The Examiner's Answer, page 3, line 20 - page 4, line 4 argues: "Win teaches ... 
receiving, from the user device via the network, a selection of M attributes of the L attributes, M 
being less than L (Figure 10b, column 26, lines 14-67, "remote computer can load the 
instructions into its dynamic memory and send the instructions over a telephone line via a 
modem" "Conmnmication interface 918 provides a two-way data communication coupling to a 
network link 920 that is connected to a local network 922" and "Network link 920 typically 
provides data communication through one or more networks to other data devices")". 

In response. Appellants note that the preceding argument in the Examiner's Answer has 
not specifically identified in Win: the M attributes selected from the data record, which makes 
the argument in the Examiner's Answer vague and imclear. The Examiner's Answer has not 
even identified the data record in Win. Appellants assert that the preceding quote from Win, col. 
26, lines 14-67 by the Examiner's Answer is taken from a discussion of a discussion of a generic 
computer system that is totally silent as to the claimed "selection of M attributes of the L 
attributes, M being less than L". 



S/N: 10/568,513 



7 



The Examiner's Answer, page 13, lines 1-18 additionally argues: "The Examiner's 
Answer asserts that Win discloses this claimed feature, as cited above and fiirther in view of 
column 3, lines 7-25, "the receiving step further comprises the steps of storing, in a database 
accessible by the Web application server, information describing one or more roles and one or 
more access rights of the user that are stored in association with user identifying information, 
wherein the roles represent the work responsibilities carried out by the user in the enterprise, and 
wherein the access rights represent the kinds and levels of access privileges that are held by the 
user in the enterprise". The "one or more roles and one or more access rights of the user" are 
received and are "in association with user identifying information". The "user identifying 
information" isn't sent along with said "roles" or "access rights", thus said "roles" and "access 
rights" would be the claimed "M attributes"... Further, within column 6, lines 41-54, a "name 
and password" are given to an "Authentication Client Module" for verification purposes. Those 
two pieces of information constitute "attributes" and since only those two pieces are given and 
not additional information (i.e. roles), the claimed "M attributes'^ are disclosed by said "name 
and password" as well." 

hi response. Appellants assert that the preceding citation to Win, col. 3, lines 7-25 
discloses storing of information in a database accessible by the Web application server, but does 
not disclose receiving a selection of attributes from the user device as required by the language 
in the preceding feature of claim 1. Furthermore, there is no language in Win, col. 3, lines 7-25 
Ibat recites the negative limitation of roles information not being stored in the database, which 
the Examiner's Answer, page 13, lines 1-18 relies upon. 

Accordmgly, Win does not teach the preceding feature of claim 23. 
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As a fifth example of why Win does not anticipate claim 23, Win does not teach the 
feature: "generating a virtual record including the M attributes selected from the data record, said 
virtual record comprising a vutual ID (VTD) for identifying the virtual record". 

The Examiner's Answer, page 4, lines 5-10 argues that Win teaches the preceding feature 
of claim 23 in Win, Figures lOa-lOc, column 12, Imes 32-55 and colunm 15, lines 35-52. 

hi response. Appellants assert that the preceding argument m the Exammer's Answer has 
not specifically identified which content in Win, Figures lOa-lOc, column 12, Imes 32-55 and 
column 15, lines 35-52 allegedly represents the claimed virtual record and the allegedly included 
virtual ID and M attributes. Therefore, Appellants cannot evaluate the preceding argument in 
the Exammer's Answer, especially since the M attributes in the virtual record are required by the 
language of claim 23 to be the same M attributes received from the user device. Therefore, the 
preceduig argument by the Examiner's Answer is not persuasive. 

The Examiner's Answer, page 13, line 19 - page 14, line 5 additionally argues: "The 
Examiner maintains the above-cited grounds of rejection and further states that Wia additionally 
discloses the claimed invention within column 10, lines 41-55, "profile information may 
comprise the user's name, locale information, IP address, and information defining roles held by 
the user". Said "profile" being the Appellant's claimed "virtual record"." 

In response, Appellant assert that the precedmg feature of claim 23 explicitly recites that 
the generated virtual record comprises a virtual ID for identifying the virtual record, which Win 
does not teach and which the Examiner's Answer has not addressed. 

Accordingly, Wm does not teach the preceding feature of claim 23. 
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As a sixth example of why Win does not anticipate claim 23, Win does not teach the 
feature: "storing the generated virtual record in the database". 

The Examiner's Answer, page 4, lines 8-1 1 argues: "Wia teaches ... storing the generated 
virtual record in tibe database (column 3, lines 7-40, "storing, in the database an association of 
each resource to one or more of the roles", column 5, lines 13-20, column 12, lines 32-55 and 
column 15, lines 35-52)". 

In response. Appellants assert that the preceding argument in the Examiner's Answer 
ignores the requirement explicitly recited in claim 23 that the generated virtual record comprises 
a virtual ED for identifying the virtual record and is thus not persuasive. 

The Examiner's Answer, page 14, lines 6-18 provides additional argumentation but still 
fails to indicate where Win allegedly discloses storing a generated virtual DD record that 
comprises a virtual ID for identifying the virtual record, which is required explicitly by the 
language in claim 23. 

Accordingly, Win does not teach the preceding feature of claim 23. 

As a seventh example of why Win does not anticipate claims 23, Win does not teach the 
feature: "providing the virtual ID token to the user device via the network, wherein the virtual ID 
token comprises the VID". 

The Examiner's Answer, page 4, lines 1 1-18 argues: "Win teaches ... providing the 
virtual ID token to the user device via the network, wherein the virtual ID token comprises the 
VID (Figures 1, 2 and 6-8, column 2, lines 42-67, column 5, lines 1-12 and colimm 26, lines 
14-67, "remote computer can load the instructions into its dynamic memory and send the 
instructions over a telephone line via a modem" "Communication interface 918 provides a 
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two-way data communication coupling to a network link 920 that is connected to a local network 
922" and "Network link 920 typically provides data communication through one or more 
networks to other data devices"". 

In response. Appellants assert that the preceding quote from Win by the Examiner's 
Answer is taken from a discussion of a generic computer system which does not teach providing 
to the user the virtual ID token that comprises a virtual ID for identifying the virtual record. 

The Examiner's Answer, page 14, line 19 - page 15, line 19 provides additional 
argumentation but still fails to indicate where Win allegedly discloses providing to the user the 
virtual ID token that comprises a virtual ID for identifying the virtual record, which is explicitly 
required by the language of claim 23. 

Accordingly, Win does not teach the preceding feature of claim 23. 

As an eighth example of why Win does not anticipate claim 23, Win does not teach the 
feature: "wherein an attribute information providmg server performs said receiving the request 
for the virtual ID token, said reading the data record from the database, said providing the data 
record to the user device, said receiving the selection of M attributes, said generating the virtual 
record, said storing the generated virtual record in the database, and said providing tiie vuiual ID 
token to the user device". 

The Examiner's Answer, page 4, line 19, page 5, line 4 argues: "Win teaches ... wherein 
an attribute mformation providing server performs said receiving the request for the virtual ID 
token, said reading the data record from the database, said providing the data record to tiie user 
device, said receiving the selection of M attributes, said generating the virtual record, said 
storing the generated virtual record in the database, and said providing the virtual ID token to the 
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user device (column 3, lines 7-40, "storing, in the database an association of each resource to one 
or more of the roles", column 5, lines 13-20, column 11, lines 42-64, column 12, lines 32-55 and 
column 15, lines 35-52)." 

In response. Appellants assert that the preceding argument in the Examiner's Answer has 
not properly addressed the preceding featxire of claim 23. In particular, the Examiner's Answer 
has not identified an attribute information providiag server (or any other server) that performs all 
of the recited steps (i.e., the steps of "said receiving the request for the virtual ID token, said 
reading the data record from the database, said providing the data record to the user device, said 
receiving the selection of M attributes, said generating the virtual record, said storing the 
generated virtual record in the database, and said providing the virtual ID token to the user 
device"). Therefore, the argument in the Examiner's Answer is not relevant to the preceding 
feature of claim 23 and is therefore not persuasive. 

The Examiner's Answer, page 14, line 19 - page 15, line 19 provides additional 
argumentation but still fails to indicate where Win allegedly discloses a server that performs all 
of the recited steps (i.e., the steps of "said receiving the request for the virtual ID token, said 
reading the data record from the database, said providing the data record to the user device, said 
receiving the selection of M attributes, said generating the virtual record, said storing the 
generated virtual record in the database, and said providing the virtual ID token to the user 
device"). 

Accordingly, Win does not teach the preceding feature of claim 23. 



Based on the preceding arguments. Appellants respectfully maintain that Win does not 
anticipate claim 23, and that claim 23 is in condition for allowance. Since claims 24, 25 and 27- 
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32 depend from claim 23, Appellants contend that claims 24, 25 and 27-32 are likewise in 
condition for allowance. 

Claim 24 

Since claim 24 depends from claim 23, which Appellants have argued supra to not be 
anticipated by Win under 35 U.S.C. § 102(e), Appellants maintain that claim 24 is likewise not 
anticipated by Win under 35 U.S.C. § 102(e). 

In addition with respect to claim 24, Win does not teach the feature: "receiving a request 
comprising the VID for attribute information associated vAih. the VID from an attribute 
mformation receiving apparatus via the network". Appellants assert that claim 23, from which 
claim 24 depends, requires the virtual ID to identify a virtual record that includes attributes of 
the subscriber. 

The Examiner's Answer, page 5, lines 5-8 argues: "Win teaches receiving a request 
comprising the VID for attribute information associated with the VTD from an attribute 
information receiving apparatus via the network (Figures lOa-lOc, column 12, lines 32-55 and 
column 15, lines 35-52)". 

In response, Appellants note that the Examiner's Answer has not identified specifically 
what allegedly represents the VID in Win which makes the argument in the Examiner's Answer 
vague and imclear. 

Appellants respectfully contend that Win, Figures lOa-lOc, col. 12, lines 32-55 and col. 
15, lines 35-52 does not mention anything about a VID. 
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In addition, Appellants respectfully contend that Win, Figures 10a- 10c, col. 12, lines 
32-55 and col. 15, lines 35-52 does not mention anything about receiving a request comprising 
theVID 

In addition, Appellants respectftilly contend that Win, Figures lOa-lOc, col. 12, lines 
32-55 and col. 15, lines 35-52 does not mention anything about receiving a request comprising 
the VID for attribute information associated with the VID. 

In addition, Appellants respectfully contend that Win, Figures lOa-lOc, col. 12, lines 
32-55 and col. 15, lines 35-52 does not mention anything about receiving a request comprising 
the VID for attribute information associated with the VID from an attribute information 
receiving apparatus via the network. 

Thus, the preceding argument in the Examiner's Answer has not persuasively supported 
the allegation in the Examiner's Answer with respect to Win's alleged teaching of the preceding 
feature of claim 24. 

The Examiner's Answer, page 16, line 13 - page 17, line 2 provides additional 
argumentation, but still fails to provide a citation in Win that allegedly teaches receiving a 
request comprising the VID for attribute information associated with the VID, wherein the VID 
in the request identifies a virtual record that includes attributes of the subscriber. 

Accordingly, Win does not teach the preceding feature of claim 24. 

In addition with respect to claim 24, Win does not teach the feature: "reading the virtual 
record from the database in response to the request comprising the VDD". 

The Examiner's Answer, page 5, lines 9-12 argues: "Win teaches ... reading the virtual 
record from the database in response to the request comprising the VID (column 3, lines 7-40, 
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"storing, in the database an association of each resource to one or more of the roles", column 5, 
lines 13-20, column 11, lines 42-64, column 12, lines 32-55 and column 15, lines 35-52). 

In response. Appellants assert that the Examiner's Answer has erroneously equated 
"storing" a record to "reading" a record. Therefore, the Examiner's Answer's argument is 
illogical. 

The Examiner's Answer, page 17, lines 3-10 provides additional argumentation, but still 
fails to appreciate the difference between "storing" a record and "reading" a record. 

In addition, the Win does not teach that reading the virtual record is in response to the 
request comprising the VID, which the Examiner's Answer has not even addressed. 

Accordingly, Win does not teach the preceding feature of claim 24. 

Iq addition with respect to claim 24, Win does not teach the feature: "after said reading, 
providing the virtual record to the attribute information receiving apparatus via the network". 

The Examiner's Answer, page 5, lines 13-20 argues: "Win teaches ... after said reading, 
providing the virtual record to the attribute information receiving apparatus via the network 
(Figures 1, 2 and 6-8, column 2, lines 42-67, column 5, lines 1-12 and column 26, lines 14-67, 
"remote computer can load the instructions into its dynamic memory and send the instructions 
over a telephone line via a modem" "Communication interface 91 8 provides a two-way data 
communication coupling to a network link 920 that is connected to a local network 922" and 
"Network link 920 typically provides data communication through one or more networks to 
other data devices")". 

In response, Appellants assert that the Examiner's Answer has not specifically identified 
in Win the claimed virtual record. Therefore, the argument in the Examiner's Answer is vague 
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and unclear. In fact, the argument in the Examiner's Answer does not even address the virtual 
record in the preceding feature of claim 24. 

The Examiner's Answer, page 17, line 1 1 - page 18, Une 2 provides additional 
argumentation pertaining to cookies in a generic computer system, which is unrelated to the 
preceding feature of claim 24. 

Accordingly, Win does not teach the preceding feature of claim 24. 

In addition with respect to claim 24, Win does not teach the feature: "wherein the 
attribute information providing server performs said receiving the request comprising the VTD, 
said reading the virtual record from the database, and said providing the virtual record to the 
attribute information receiving apparatus". 

The Examiner's Answer, page 5, line 21 - page 6, line 4 argues: "Win teaches ... wherein 
the attribute information providing server performs said receiving the request comprising the 
VID, said reading the virtual record from the database, and said providing the virtual record to 
the attribute information receiving apparatus (column 2, lines 42^67, colunm 3, lines 7-40, 
"storing, in the database an association of each resource to one or more of the roles", column 5, 
lines 13-20, column 12, lines 32-55 and column 15, lines 35-52)". 

In response, Appellants assert that the Examiner's Answer has not properly addressed the 
precedmg feature of claim 24. In particular, the Examiner's Answer has not identified an 
attribute information providing server (or any other server) that performs the recited steps of 
"said receiving the request comprising the VID, said reading the virtual record from the 
database, and said providing the virtual record to the attribute information receiving apparatus". 
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Therefore, the argument in the Examiner's Answer is not relevant to the preceding feature of 
claim 24 and is therefore not persuasive. 

The Examiner's Answer, page 17, lines 3-10 provides additional argumentation, but still 
fails to address the preceduig feature of claim 24 with respect to disclosing an attribute 
information providing server (or any other server) that performs the recited steps of "said 
receiving the request comprising the VID, said reading the virtual record from the database, and 
said providing the virtual record to the attribute information receiving apparatus". 

Accordingly, Win does not teach the preceding feature of claim 24. 

Claim 25 

Since claim 25 depends from claim 23, which Appellants have argued supra to not be 
anticipated by Win under 35 U.S.C. § 102(e), Appellants maintain that claim 25 is likewise not 
anticipated by Win under 35 U.S.C. § 102(e). 

La addition with respect to claim 25, Win does not teach the feature: "wherein said 
providing the virtual record to the attribute information receiving apparatus is performed in 
manner that ensures that the virtual ED is concealed from the attribute information receiving 
apparatus when the virtual record is received by the attribute information receiving apparatus". 

The Examiner's Answer, page 6, lines 5-10 argues: "Regarding claim 25, Win teaches 
wherein said providing the virtual record to the attribute information receiving apparatus is 
performed in manner that ensures that the virtual ID is concealed from the attribute information 
receiving apparatus when the virtual record is received by the attribute information receiving 
apparatus (Figures 3b, 3c, 4, 5a-5e and 6, column 6, lines 41-54, column 8, lines 23-63, column 
9, lines 41-60 and column 10, lines 41-63)." 
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In response. Appellants assert that the Examiner's Answer has not specifically identified 
in Win the claimed virtual record. Therefore, the argument in the Examiner's Answer is vague 
and unclear. 

In addition, ttie Examiner's Answer has provided no analysis to demonstrate that Win 
(Figures 3b, 3c, 4, 5a-5e and 6, column 6, lines 41-54, colurtm 8, lines 23-63, column 9, lines 
41-60 and column 10, lines 41-63) teaches the preceding feature of claim 25. In particular, the 
Examiner's Answer has not identified the virtual record, the virtual ID, the attribute information 
receiving apparatus, and conceahnent of the virtual ID from the attribute information receiving 
apparatus when the virtual record is received by the attribute information receiving apparatus. 

The preceding argument by the Examiner's Answer has not persuasively supported the 
allegation in the Examiner's Answer with respect to Win's alleged teaching of the preceding 
feature of claim 25. 

The Examiner's Answer, page 19, lines 1-13 provides additional argumentation related to 
encrypting and decrypting cookies, which is unrelated to the preceding feature of claim 25. 
Accordingly, Win does not teach the preceding feature of claim 25. 

Claim 27 

Since claim 27 depends from claim 23, which Appellants have argued supra to not be 
anticipated by Win under 35 U.S.C. § 102(e), Appellants maintain that claim 27 is likewise not 
anticipated by Win under 35 U.S.C. § 102(e). 

hi addition with respect to claim 27, Wra does not teach the feature: "after said providing 
the virtual record to the attribute information receiving apparatus: providing, by the attribute 
information providing server, an attribute certificate to the attribute information receiving 
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apparatus in relation to a new transaction between the subscriber and the attribute information 
receiving apparatus, wherein the attribute certificate pertains to the M attributes in the virtual 
record provided to tiie attribute information receiving apparatus" 

The Examiner's Answer, page 6, lines 1 1-18 argues: "Regarding claim 27, Win teaches 
after said providing the virtual record to the attribute information receivmg apparattis: providing, 
by the attribute information providing server, an attribute certificate to the attribute information 
receiving apparatus in relation to a new transaction between the subscriber and the attribute 
information receiving apparatus, wherein the attribute certificate pertains to the M attributes in 
the virtual record provided to the attribute information receiving apparatus (column 5, lines 66 
and 67, column 6, lines 1-9, column 17, Imes 28-37, column 19, lines 56-63 and column 22, lines 
41-46)." 

In response. Appellants assert that the preceding argument in the Examiner's Answer has 
not specifically identified in Win: the attribute information providing server, the attribute 
certificate, and the M attributes in the virttial record. Therefore, ihe argument m the Examiner's 
Answer is vague and unclear. 

Moreover, the Examiner's Answer has not provided any analysis to demonstrate the Win 
(column 5, lines 66 and 67, column 6, lines 1-9, column 17, lines 28-37, column 19, lines 56-63 
and column 22, lines 41-46) teaches the preceding feature of claim 27. 

The Exammer's Answer, page 19, line 14 - page 20, line 8 additionally argues: "The 
Examiner asserts that Win discloses this claimed feature as cited within column 5, lines 66 and 
67, column 6, lines 1-9, "Users may log in either with a digital certificate by opening a login 
paige URL with a web browser and entering a name and password", column 17, lines 28-37, 
column 19, lines 56-63, "Remote procedure calls to Registry Server 108 are authenticated using 
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digital certificates, encrypted, and encapsulated within HTTP transactions" and column 22, lines 
41-46, "Access Server 106 and Registry Server 108 exchange digital certificates over encrypted 
link 109. The digital certificates are used during the SSL handshake for mutual authentication. 
Remote procedure calls from Access Server 106 to Registry Server 108 are then sent over an 
encrypted HTTP/SSL session"." 

In response, Appellants assert that the preceding argument in the Examiner' Answer is a 
generic discussion of digital certificates which does not address the clauned feature of "wherein 
the attribute certificate pertains to the M attributes in the virtual record provided to the attribute 
information receiving apparatus" and is thus not persuasive. 

Accordingly, Win does not teach the preceding feature of claim 27. 

Claim 28 

Since claim 28 depends from claim 23, which Appellants have argued supra to not be 
anticipated by Win under 35 U.S.C. § 102(e), Appellants maintain that claim 28 is likewise not 
anticipated by Win under 35 U.S.C. §102(e). 

In addition with respect to claim 28, Win does not teach the feature: "wherein the 
attribute information providing server comprises: a customer record display unit for displaying 
the virtual record; an attribute selection unit for extracting the M attributes from the data record 
prior to said generating the virtual record; a virtual record generation unit for performing said 
generating the virtual record; a VID token issue unit for performing generating the virtual ID 
token prior to said providing the virtual token ID to the user device; a virtual record referencing 
unit for referencing the virtual record based on the VID prior to said providing the virtual record 
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to the attribute information receiving apparatus; and a virtual record issue unit for performing 
said providing the virtual record to the attribute information receiving apparatus". 

The Examiner's Answer, page 6, line 19 - page 7, line 20 argues: "Regarding claim 28, 
Win teaches wherein the attribute information providing server comprises: a customer record 
display unit for displaying the virtual record (Figures lOa-lOc, column 17, lines 52-67 and 
column 1 8, lines 14-27); an attribute selection unit for extracting the M attributes from the data 
record prior to said generating the vutual record (Figures lOa-lOc, column 12, lines 32-55, 
column 15, lines 35-52 and column 16, lines 13-58); a virtual record generation unit for 
performing said generatmg the virtual record (Figures lOa-lOc, column 12, lines 32-55, column 
15, lines 35-52 and column 16, lines 13-58); a VXD token issue unit for performing generating 
the virtual ID token prior to said providing the virtual token ID to the user device (Figures 5a, 5b 
and 5e, colunm 2, lines 42-67, column 10, lines 14-26 and 41-55, column 11 and lines 42-64); a 
virtual record referencing unit for referencing the virtual record based on the VID prior to said 
providing the virtual record to the attribute information receiving apparatus (Figures 10a- 10c, 
column 12, lines 32-55, colunm 15, lines 35-52 and column 16, lines 13-58); and a virtual record 
issue unit for performing said providing the virtual record to the attribute information receiving 
apparatus (Figures 1, 2 and 6-8, column 2, lines 42-67, colunm 5, lines 1-12 and column 26, 
lines 14-67, "remote computer can load the instructions into its dynamic memory and send the 
instructions over a telephone line via a modem" "Communication interface 918 provides a 
two-way data communication coupling to a network link 920 that is connected to a local network 
922" and "Network link 920 typically provides data communication through one or more 
networks to other data devices")." 
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In response. Appellants assert that the Exammer's Answer has not specifically identified 
in Win: the customer record display unit, the virtual record generation unit, the VXD token issue 
unit; the virtual record referencing unit for referencing the virtual record based on the VID prior 
to said providing the virtual record to the attribute information receivmg apparatus, and the 
virtual record issue unit. Therefore, the argument in the Examiner's Answer is vague and 
unclear. 

Moreover, the Examiner's Answer has not provided any analysis to demonstrate the 
preceding citations Win teach the preceding feature of claim 28. 

Thus, the Examiner's preceding argument in the Answer has not persuasively supported 
the allegation in the Examiner's Answer with respect to Win's alleged teaching of the preceding 
feature of claim 28. 

The Examiner's Answer, page 20, line 9 - page 22, line 14 provides lengthy additional 
argumentation that fails to provide clear and concise statements concerning what allegedly 
represents each claimed component of the attribute information providing server. Appellants 
consider the argument in the Examiner's Answer, page 20, line 9 - page 22, line 14 to be 
cumbersome and to include too much irrelevant content to be reasonably understood. 

Accordingly, Win does not teach the preceding feature of claim 28. 

Claim 29 

Smce claim 29 depends from claim 23, which Appellants have argued supra to not be 
anticipated by Win under 35 U.S.C. §102(e). Appellants maintain that claim 29 is likewise not 
anticipated by Win under 35 U.S.C. §102(e). 
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In addition with respect to claim 29, Win does not teach the feature: "wherein the VID 
token further comprises a URL of the attribute information providing server". 

The Examiner's Answer, page , line 21 - page 8, line 2 argues: "Regarding claim 29, Win 
teaches wherein the VBD token fiirther comprises a URL of the attribute information providing 
server (Figures 3a-3c, column 5, lines 13-21, 66 and 67, column 6, lines 1-9 and 58-65, column 
7, lines 45-57, column 8, lines 5-63 and column 14, lines 34-43 and 56-67)." 

In response. Appellants assert that the preceding argument in the Examiner's Answer 
does not include any analysis to demonstrate the preceding citations Win teach the preceding 
feature of claim 29. 

The Examiner's Answer, page 22, line 15 - page 23, line provides the following 
additional argumentation: "The Examiner maintains that Win discloses this claimed feature, as 
disclosed within column 5, lines 13-21, 66 and 67, column 6, lines 1-9 and 58-65, column 7, 
lines 45-57, "administrator enters, for each Protected Server 104, an identifier; a name; a 
protocol; a port; a description; the location of an authentication server, URLs that identify pages 
displayed upon logout, upon login, and where restricted resources are encountered; the Protected 
Server on which cookies are stored", column 8, lines 5-63, "Open the Resource designated by 
this URL" and column 14, lines 34-43, "Each resource is defined by a resource identifier value, a 
resource name, a description, a Web server, a Relative URL, and a list of protected resources" 
and lines 56-67." 

In response, Appellants assert that the preceding argument in the Examiner's Answer has 
not even addressed the requirement of claim 29 that the VID token (that comprises the VID that 
identifies the virtual record that includes attributes of the subscriber) comprises a URL of the 
attribute information providing server. 
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Accordingly, Win does not teach the preceding feature of claim 29. 

Claim 31 

Since claim 3 1 depends from claim 23, which Appellants have argued supra to not be 
anticipated by Win under 35 U.S.C. § 102(e), Appellants maintain that claim 31 is likewise not 
anticipated by Win under 35 U.S.C. §102(e). 

In addition with respect to claim 31, Win does not teach the feature: "receiving a 
selection of Ml attributes of the L attributes in the data record, wherein the Ml attributes are not 
identical to the M attributes". 

The Examiner's Answer, page 8, lines 6-15 argues: "Regarding claim 31, Win teaches 
receiving a selection of Ml attributes of the L attributes in the data record, wherein the Ml 
attributes are not identical to the M attributes (Figure 10b, column 3, lines 7-40, "storing, in the 
database an association of each resource to one or more of the roles", column 5, lines 13-20, 
column 11, lines 42-64, column 12, lines 32-55, column 15, lines 35-52 and column 26, lines 
14-67, "remote computer can load the instructions mto its dynamic memory and send the 
instructions over a telephone line via a modem" "Communication mterface 918 provides a 
two-way data communication coupling to a network link 920 that is coimected to a local network 
922" and "Network link 920 typically provides data communication through one or more 
networks to other data devices")" 

hi response, Appellants note that the Examiner's Answer has not specifically identified 
the Ml attributes and the M attributes of the L attributes in the data record. Therefore, the 
argument in the Examiner's Answer is vague and unclear. 
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Moreover, the Examiner's Answer has not provided any analysis to demonstrate the 
preceding citations Win teach the preceding feature of claim 31. For example, the Examiner's 
Answer has not even addressed the claim feature of "wherein the Ml attributes are not identical 
to the M attributes". 

Thus, the preceding argument in the Examiner's Answer has not persuasively supported 
the allegation in the Examiner's Answer witii respect to Win's alleged teaching of the preceding 
feature of claim 31. 

The Examiner's Answer, page 24, lines 4-19 provides the following additional 
argumentation: "The Examiner asserts that Wki discloses this claimed feature, as cited within 
Figure 10b, column 3, lines 7-40, "storing, in the database an association of each resource to one 
or more of the roles", column 11, lines 42-64, "Personalized Menu Service constructs a 
personalized menu of resources showing only those resources that the user is authorized to 
access according to the user's profile information", column 12, lines 32-55, column 15, lines 
35-52, "administrator may complete and submit the data entry form for each individual user to 
be defined"... Also, within column 3, lines 7-25, "the receiving step further comprises the steps 
of storing, in a database accessible by the Web application server, information describing one or 
more roles and one or more access rights of the user that are stored in association with user 
identifying information, wherein the roles represent the work responsibilities carried out by the 
user in the enterprise, and wherein the access rights represent the kinds and levels of access 
privileges that are held by tihe user in the enterprise". The "one or more roles and one or more 
access rights of the user" are received and are "in association with user identifying uaformation". 
The "user identifying information" bemg an additional subset of the Appellant's claimed 
"attributes"" (emphasis added) 
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In response, Appellants assert that the preceding argument in the Examiner's Answer 
does not address "receiving a selection of Ml attributes of the L attributes in the data record, 
wherein the Ml attributes are not identical to the M attributes, but instead addresses ""storing ... 
an association of each resource to one or more of the roles" and "storing ... information 
describing one or more roles and one or more access rights of the user ". Appellants maintam 
that a teaching of storing information is not a teaching of receiving information. 

Accordingly, Win does not teach the preceding feature of claim 3 1 . 

In addition with respect to claim 31, Win does not teach the feature: "storing a second 
virtual record in the database,' wherem the second vktual record comprises the Ml attributes, and 
wherein the attribute information providmg server performs said receiving the selection of Ml 
attributes and said storing the second virtual record in the database". 

The Examiner's Answer, page 8, lines 16-21 argues: "Regarding claim 31, Wm teaches 
... storing a second virtual record in the database, wherein the second virtual record comprises 
the Ml attributes, and wherein the attribute information providing server performs said receiving 
the selection of Ml attributes and said storing the second virtual record in the database (column 
3, lines 7-40, "storing, in the database an association of each resource to one or more of the 
roles", column 5, lines 13-20, column 11, lines 42-64, column 12, lines 32-55 and column 15, 
lines 35-52)." 

In response. Appellants note that the Examiner's Answer has not specifically identified in 
Win: the virtual record, the second vutual record as contrasted with the virtual record, the Ml 
attributes the L attributes in the data record, and the attribute information providing server. 
Therefore, the argument in the Examiner's Answer is vague and unclear. 
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Moreover, the Examiner's Answer has not provided any analysis to demonstrate the 
preceding citations Win teach the preceding feature of claim 31 

In addition, the Examiner's Answer has not even considered the limitation of "wherein 
the attribute information providing server performs said receiving the selection of Ml attributes 
and said storing the second virtual record in the database". 

Thus, the preceding argument in the Examiner's Answer has not persuasively supported 
the allegation in the Examiner's Answer with respect to Win's alleged teaching of the preceding 
feature of claim 3 1 . 

The Examiner's Answer, page 25, lines 3 - 13 provides the following additional 
argumentation: "The Examiner asserts that Win discloses said "storing a second virtual record in 
the database" as cited within column 3, lines 7-40, "storing, in the database an association of 
each resource to one or more of the roles", column 5, lines 13-20, "central repository", colxmm 
12, lines 32-55, "Registry Repository 110 is the primary data store for the system 2. It contains 
data on Users, Resources, and Roles and configuration information required for the system 2 to 
function. Selected data, for example, passwords, are stored in Registry Repository 1 10 in 
encrypted form" and column 15, lines 35-52, "An administrator may complete and submit the 
data entry form for each individual user to be defined. In response. Registry Server 108 stores 
information defining the user in the Registry Repository 110." The claimed "database" is 
sufficiently disclosed by the, later alia, "Registry Repository" of Win.". 

In response. Appellant asserts that the preceding argument in the Examiner's Answer 
does not address the requirement in claim 31 that "the attribute information providing server 
performs said receiving the selection of Ml attributes". 

Accordingly, Win does not teach the preceding feature of claim 3 1 . 
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Claim 32 

Since claim 32 depends from claim 23, which Appellants have argued supra to not be 
anticipated by Win under 35 U.S.C. § 102(e), Appellants maintain that claim 32 is likewise not 
anticipated by Win under 35 U.S.C. §102(e). 

In addition with respect to claim 32, Win does not teach the feature: "wherein the data 
record comprises a globally-unique ID (GID) serving as a primary key of the data record, 
whereui the VID is a primary key of the virtual record, and wherein the VED is independent of 
the GID". 

The Examiner's Answer, page 9, lines 1-5 argues: "Regarding claim 32, Win teaches 
whereui the data record comprises a globally-unique ID (GID) serving as a primary key of the 
data record, wherein the VID is a primary key of the virtual record, and wherein the VTD is 
independent of the GID (Figures lOa-lOc, column 12, Imes 32-55, column 15, lines 35-52 and 
column 16, lines 13-58)." 

In response. Applicants note that the Examiner's Answer has not specifically identified in 
Win: the data record, the virtual record, the GID, and the VID. Therefore, the argument in the 
Examiner's Answer is vague and imclear. 

Moreover, the Examiner's Answer has not provided any analysis to demonstrate the 
preceding citations in Win teach the preceduig feature of claim 32. In particular, the Examiner's 
Answer has not explained how the preceduig citations Wui teach that: the GED serves as a 
primary key of the data record; the VID serves as a primary key of the virtual record, and the 
VED is independent of the GDD. 
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Thus, the preceding argument in the Examiner's Answer has not persuasively supported 
the allegation in the Examiner's Answer with respect to Wui's alleged teaching of the preceding 
feature of claim 32. 

The Examiner's Answer, page 25, lines 16-18 provides the following additional 
argumentation: "The Examiner asserts that Win discloses the claimed invention as cited within, 
but not limited to column 12, Imes 32-55, column 15, lines 35-52 and column 16, lines 13-58, 
"Administrative Privilege value"." 

In response. Appellants assert that the preceding argument in the Examiner's Answer is 
not relevant to the preceding feature of claim 32. 

Accordingly, Win does not teach the preceding feature of claim 32. 
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GROUND OF REJECTION 2 

Claim 26 stands rejected under 35 U.S.C. § 103(a) as allegedly being unpatentable over 
Win as applied to claim 23, as cited above, and further in view of United States Patent No. 
6,834,272 to Naor et al., hereinafter Naor. 

Since claim 26 depends from claim 23, which Applicants have argued supra to not be 
anticipated by Win under 35 U.S.C. §102(3), Applicants maintain that claim 26 is likewise not 
unpatentable over Win in view of Naor under 35 U.S.C. § 103(a). 

In addition with respect to claim 26, Win ia view of Naor does not disclose the feature: 
"wherein said providing the virtual record to the attribute information receiving apparatus is 
performed using a 1-out-of-N OT (Oblivious Transfer) protocol". 

The Examiner's Answer, page 10, lines 7-1 1 argues: "Regarding claim 26, Naor teaches 
wherein said providing the virtual record to the attribute information receivmg apparatus is 
performed using a 1-out-of-N OT (Oblivious Transfer) protocol (Figures 5 and 7, column 1 1, 
lines 30-67, column 12, lines 1-3 and 34-44, column 13, luies 42-55, column 17, lines 35-66 and 
column 19, lines 52-64)". 

hi response. Appellants respectfully contend that the preceding argument in the 
Examiner's Answer does not provide motivation for modifying Win by the alleged teaching of 
Naor and thus does not establish a prima facie case of obviousness in relation to claim 26. 

The Examiner's Answer, page 25, Ime 19 - page 26, line 16 provides the additional 
argumentation, but again does not provide motivation for modifying Win by the alleged teaching 
of Naor and thus does not establish a prima facie case of obviousness in relation to claim 26. 

Accordingly, the preceding feature of claim 26 is not unpatentable over Win in view of 
Naor under 35 U.S.C. §103(a). 
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SUMMARY 



In summary. Appellants respectMly requests reversal of the June 3, 2008 Office Action 
rejection of claims 23-32. 
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